CVE-2017-12361 - OpenCVE

A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An attacker could exploit this vulnerability to gain information to conduct additional attacks. The vulnerability is due to the way Cisco Jabber for Windows handles random number generation for file folders. An attacker could exploit the vulnerability by fixing the random number data used to establish Secure Sockets Layer (SSL) connections between clients. An exploit could allow the attacker to decrypt secure communications made by the Cisco Jabber for Windows client. Cisco Bug IDs: CSCve44806.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Jabber

Configuration 1 [-]

OR	cpe:2.3:a:cisco:jabber:11.8\(0\):::::windows::
	cpe:2.3:a:cisco:jabber:11.8\(1\):::::windows::
	cpe:2.3:a:cisco:jabber:11.8\(2\):::::windows::
	cpe:2.3:a:cisco:jabber:11.8\(3\):::::windows::

No data.

References

Link	Providers
http://www.securityfocus.com/bid/101994
http://www.securitytracker.com/id/1039915
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2017-11-30T09:00:00

Updated: 2024-08-05T18:36:56.318Z

Reserved: 2017-08-03T00:00:00

Link: CVE-2017-12361

Vulnrichment

No data.

NVD

Status : Modified

Published: 2017-11-30T09:29:01.353

Modified: 2019-10-09T23:23:01.090

Link: CVE-2017-12361

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Cisco Jabber", "vendor": "n/a", "versions": [{"status": "affected", "version": "Cisco Jabber"}]}], "datePublic": "2017-11-30T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An attacker could exploit this vulnerability to gain information to conduct additional attacks. The vulnerability is due to the way Cisco Jabber for Windows handles random number generation for file folders. An attacker could exploit the vulnerability by fixing the random number data used to establish Secure Sockets Layer (SSL) connections between clients. An exploit could allow the attacker to decrypt secure communications made by the Cisco Jabber for Windows client. Cisco Bug IDs: CSCve44806."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2017-12-01T10:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "101994", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/101994"}, {"name": "1039915", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1039915"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2017-12361", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Jabber", "version": {"version_data": [{"version_value": "Cisco Jabber"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An attacker could exploit this vulnerability to gain information to conduct additional attacks. The vulnerability is due to the way Cisco Jabber for Windows handles random number generation for file folders. An attacker could exploit the vulnerability by fixing the random number data used to establish Secure Sockets Layer (SSL) connections between clients. An exploit could allow the attacker to decrypt secure communications made by the Cisco Jabber for Windows client. Cisco Bug IDs: CSCve44806."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200"}]}]}, "references": {"reference_data": [{"name": "101994", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101994"}, {"name": "1039915", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039915"}, {"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2", "refsource": "CONFIRM", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T18:36:56.318Z"}, "title": "CVE Program Container", "references": [{"name": "101994", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/101994"}, {"name": "1039915", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1039915"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2017-12361", "datePublished": "2017-11-30T09:00:00", "dateReserved": "2017-08-03T00:00:00", "dateUpdated": "2024-08-05T18:36:56.318Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:jabber:11.8\\(0\\):*:*:*:*:windows:*:*", "matchCriteriaId": "DDEB6284-44C2-40E2-8129-D53D4A2B6953", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:jabber:11.8\\(1\\):*:*:*:*:windows:*:*", "matchCriteriaId": "6650E280-C791-4EB4-B27F-F7D1FB7CCB3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:jabber:11.8\\(2\\):*:*:*:*:windows:*:*", "matchCriteriaId": "B53EFD64-0B19-48D0-AE0F-7BD03B8D6465", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:jabber:11.8\\(3\\):*:*:*:*:windows:*:*", "matchCriteriaId": "D24F25C2-BC6C-49D5-BB36-290F3C8A97C2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An attacker could exploit this vulnerability to gain information to conduct additional attacks. The vulnerability is due to the way Cisco Jabber for Windows handles random number generation for file folders. An attacker could exploit the vulnerability by fixing the random number data used to establish Secure Sockets Layer (SSL) connections between clients. An exploit could allow the attacker to decrypt secure communications made by the Cisco Jabber for Windows client. Cisco Bug IDs: CSCve44806."}, {"lang": "es", "value": "Una vulnerabilidad en Cisco Jabber para Windows podr\u00eda permitir que un atacante local sin autenticar acceda a comunicaciones sensibles realizadas por el cliente Jabber. Un atacante podr\u00eda explotar esta vulnerabilidad para obtener informaci\u00f3n y realizar ataques adicionales. La vulnerabilidad se debe a la forma en la que Cisco Jabber para Windows gestiona la generaci\u00f3n aleatoria de n\u00fameros para las carpetas de archivos. Un atacante podr\u00eda explotar la vulnerabilidad corrigiendo los datos de n\u00fameros aleatorios empleados para establecer conexiones SSL (Secure Sockets Layer) entre clientes. Un exploit podr\u00eda permitir que el atacante descodifique comunicaciones seguras realizadas por el cliente Cisco Jabber para Windows. Cisco Bug IDs: CSCve44806."}], "id": "CVE-2017-12361", "lastModified": "2019-10-09T23:23:01.090", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.5, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-11-30T09:29:01.353", "references": [{"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101994"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039915"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-330"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}